Tuesday 13 February 2007

Firewall Fun

MS07-010
"A remote code execution vulnerability exists in the Microsoft Malware Protection Engine because of the way that it parses Portable Document Format (PDF) files. An attacker could exploit the vulnerability by constructing a specially crafted PDF File that could potentially allow remote code execution when the target computer system receives, and the Microsoft Malware Protection Engine scans, the PDF file."

In English: We would like to inform you that you have just been shot by the shield we sold you to protect you from being shot.

Not as bad as the Witty Worm but it's not one I'd want on my track record.

No comments: